India’s largest health insurance provider, Star Health and Allied Insurance, recently experienced a significant data breach, resulting in the exposure of sensitive personal information belonging to more than 31 million customers.
The stolen data is being offered through chatbots on the popular messaging app Telegram, raising serious concerns about data security and the misuse of technology platforms.
The breach was first discovered by UK-based cybersecurity researcher Jason Parker, who alerted Reuters to Telegram chatbots offering access to Star Health’s customer data.
The stolen information includes names, phone numbers, addresses, tax details, copies of ID cards, medical diagnoses, and test results. The data is available for free in small portions but can also be purchased in bulk, amounting to a staggering 7.24 terabytes.
The individual claiming responsibility for creating these chatbots operates under the alias “xenZen” and has been active on hacker forums.
“I am leaking all Star Health India customers and insurance claims sensitive data. This leak is sponsored by Star Health and Allied Insurance Company, who sold this data to me directly,” xenZen said.
Despite Telegram’s efforts to remove these chatbots upon notification, new ones quickly reappear, demonstrating the challenges in policing such illicit activities on the platform.
Star Health told Reuters that an “unidentified person contacted it on Aug. 13, claiming to have access to some of its data. The insurer reported the matter to the cybercrime department of its home state of Tamil Nadu and the federal cyber security agency CERT-In”.
The company maintains that its initial assessment found “no widespread compromise” and assures customers that their privacy remains a top priority.
However, affected customers have expressed concern over the breach.
Policyholders like Sandeep TS and Pankaj Subhash Malhotra confirmed the authenticity of leaked documents related to their medical records but said Star Health had not informed them of any security breach, Reuters reported.
This incident comes amid increasing scrutiny of Telegram’s content moderation practices. Telegram’s founder, Pavel Durov, was recently arrested in France over allegations related to the platform’s facilitation of criminal activities.
As new chatbots continue to emerge offering stolen data, it is clear that more stringent safeguards are necessary to protect sensitive customer information from cybercriminal exploitation.